5
CVSSv2

CVE-2014-0075

Published: 31/05/2014 Updated: 15/04/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat prior to 6.0.40, 7.x prior to 7.0.53, and 8.x prior to 8.0.4 allows remote malicious users to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.

Affected Products

Vendor Product Versions
ApacheTomcat6, 6.0, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.0.14, 6.0.15, 6.0.16, 6.0.17, 6.0.18, 6.0.19, 6.0.20, 6.0.24, 6.0.26, 6.0.27, 6.0.28, 6.0.29, 6.0.30, 6.0.31, 6.0.32, 6.0.33, 6.0.35, 6.0.36, 6.0.37, 6.0.39, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.0.10, 7.0.11, 7.0.12, 7.0.13, 7.0.14, 7.0.15, 7.0.16, 7.0.17, 7.0.18, 7.0.19, 7.0.20, 7.0.21, 7.0.22, 7.0.23, 7.0.24, 7.0.25, 7.0.26, 7.0.27, 7.0.28, 7.0.29, 7.0.30, 7.0.31, 7.0.32, 7.0.33, 7.0.34, 7.0.35, 7.0.36, 7.0.37, 7.0.38, 7.0.39, 7.0.40, 7.0.41, 7.0.42, 7.0.43, 7.0.44, 7.0.45, 7.0.46, 7.0.47, 7.0.48, 7.0.49, 7.0.50, 7.0.52, 8.0.0, 8.0.1, 8.0.3

Vendor Advisories

Several security issues were fixed in Tomcat ...
It was discovered that malicious web applications could use the Expression Language to bypass protections of a Security Manager as expressions were evaluated within a privileged code section For the oldstable distribution (wheezy), this problem has been fixed in version 7028-4+deb7u3 This update also provides fixes for CVE-2013-4444, CVE-2014-0 ...
It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources (CVE-2014-0075 ...
It was discovered that JBoss Web / Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding A remote attacker could use this flaw to perform a denial of service attack against JBoss Web / Apache Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources (CVE-2014-0075 ...
<!-- Start - Changes for Security Advisory Channel --> Security Advisory ID SYMSA1329 Initial Publication Date: Advisory Status: Advisory Severity: CVSS Base Score: Legacy ID 23 Jul 2015 Open High CVSS v2: 78 SA100 ...
Oracle Critical Patch Update Advisory - October 2016 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previou ...

Recent Articles

Apache issues Tomcat patches
The Register • Darren Pauli • 03 Jun 2014

Versions 6, 7 and 8 contain bugs

Apache has patched a series of low-level bugs in Tomcat that allowed attackers to launch denial of service and bypass file access restrictions.
The vulnerabilities affected versions six, seven and eight of the popular open source web server. They were discovered from February to April and patched late May.
One of the information disclosure affecting version six (CVE-2014-0096) allowed a malicious web app to bypass file access constraints under certain conditions:
One of the DoS...

References

CWE-189http://advisories.mageia.org/MGASA-2014-0268.htmlhttp://linux.oracle.com/errata/ELSA-2014-0865.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-February/150282.htmlhttp://marc.info/?l=bugtraq&m=141017844705317&w=2http://marc.info/?l=bugtraq&m=141390017113542&w=2http://marc.info/?l=bugtraq&m=144498216801440&w=2http://rhn.redhat.com/errata/RHSA-2015-0675.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0720.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0765.htmlhttp://seclists.org/fulldisclosure/2014/Dec/23http://secunia.com/advisories/59121http://secunia.com/advisories/59616http://secunia.com/advisories/59678http://secunia.com/advisories/59732http://secunia.com/advisories/59835http://secunia.com/advisories/59849http://secunia.com/advisories/59873http://secunia.com/advisories/60729http://secunia.com/advisories/60793http://svn.apache.org/viewvc?view=revision&revision=1578337http://svn.apache.org/viewvc?view=revision&revision=1578341http://svn.apache.org/viewvc?view=revision&revision=1579262http://tomcat.apache.org/security-6.htmlhttp://tomcat.apache.org/security-7.htmlhttp://tomcat.apache.org/security-8.htmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21678231http://www-01.ibm.com/support/docview.wss?uid=swg21680603http://www-01.ibm.com/support/docview.wss?uid=swg21681528http://www.debian.org/security/2016/dsa-3447http://www.debian.org/security/2016/dsa-3530http://www.mandriva.com/security/advisories?name=MDVSA-2015:052http://www.mandriva.com/security/advisories?name=MDVSA-2015:053http://www.mandriva.com/security/advisories?name=MDVSA-2015:084http://www.novell.com/support/kb/doc.php?id=7010166http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlhttp://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttp://www.securityfocus.com/archive/1/534161/100/0/threadedhttp://www.securityfocus.com/bid/67671http://www.vmware.com/security/advisories/VMSA-2014-0012.htmlhttps://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04851013https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3Ehttps://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3Ehttps://www.rapid7.com/db/vulnerabilities/apache-tomcat-cve-2014-0075http://tools.cisco.com/security/center/viewAlert.x?alertId=34374https://nvd.nist.govhttps://usn.ubuntu.com/2302-1/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2014-0834